chore: auto-commit (28 archivos)
- app.md - auth.go - chat.go - chat.log - db.go - frontend/package.json - frontend/pnpm-lock.yaml - frontend/src/App.tsx - frontend/src/Root.tsx - frontend/src/api.ts - ... Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
@@ -11,7 +11,9 @@ import (
|
||||
"os"
|
||||
"os/signal"
|
||||
"path/filepath"
|
||||
"strings"
|
||||
"syscall"
|
||||
"time"
|
||||
|
||||
"fn-registry/functions/infra"
|
||||
)
|
||||
@@ -23,6 +25,7 @@ func main() {
|
||||
flags := flag.NewFlagSet("kanban", flag.ExitOnError)
|
||||
port := flags.Int("port", 8095, "HTTP port")
|
||||
dbPath := flags.String("db", "operations.db", "SQLite database path")
|
||||
initialAdmin := flags.String("initial-admin", os.Getenv("KANBAN_INITIAL_ADMIN"), "Bootstrap admin in user:pass form (only if no users yet)")
|
||||
flags.Parse(os.Args[1:])
|
||||
|
||||
db, err := openDB(*dbPath)
|
||||
@@ -31,6 +34,9 @@ func main() {
|
||||
}
|
||||
defer db.Close()
|
||||
|
||||
bootstrapAdmin(db, *initialAdmin)
|
||||
startSessionCleanup(db)
|
||||
|
||||
wd := chatWorkdir(*dbPath)
|
||||
logger := newChatLogger(filepath.Join(wd, "chat.log"))
|
||||
log.Printf("chat tool log: %s", logger.path)
|
||||
@@ -44,9 +50,17 @@ func main() {
|
||||
log.Printf("no frontend build found, API-only mode")
|
||||
}
|
||||
|
||||
authMW := infra.HTTPSessionCookieMiddleware(infra.SessionCookieConfig{
|
||||
DB: db.conn,
|
||||
CookieName: cookieName,
|
||||
SkipPaths: []string{"/api/auth/", "/health", "/assets/", "/index.html"},
|
||||
UserCtxKey: userCtxKey,
|
||||
})
|
||||
|
||||
chain := infra.HTTPMiddlewareChain(
|
||||
infra.HTTPLoggerMiddleware(os.Stdout),
|
||||
infra.HTTPCORSMiddleware([]string{"*"}, []string{"GET", "POST", "PATCH", "DELETE", "OPTIONS"}),
|
||||
apiOnlyAuth(authMW),
|
||||
)
|
||||
handler := chain(mux)
|
||||
|
||||
@@ -62,6 +76,61 @@ func main() {
|
||||
}
|
||||
}
|
||||
|
||||
// apiOnlyAuth applies auth middleware only to /api/* paths so the SPA shell
|
||||
// can be served without a session (the SPA itself handles login UI).
|
||||
func apiOnlyAuth(mw infra.Middleware) infra.Middleware {
|
||||
return func(next http.Handler) http.Handler {
|
||||
gated := mw(next)
|
||||
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
||||
if strings.HasPrefix(r.URL.Path, "/api/") {
|
||||
gated.ServeHTTP(w, r)
|
||||
return
|
||||
}
|
||||
next.ServeHTTP(w, r)
|
||||
})
|
||||
}
|
||||
}
|
||||
|
||||
func bootstrapAdmin(db *DB, spec string) {
|
||||
spec = strings.TrimSpace(spec)
|
||||
if spec == "" {
|
||||
return
|
||||
}
|
||||
count, err := db.CountUsers()
|
||||
if err != nil {
|
||||
log.Printf("bootstrap admin: count users: %v", err)
|
||||
return
|
||||
}
|
||||
if count > 0 {
|
||||
return
|
||||
}
|
||||
parts := strings.SplitN(spec, ":", 2)
|
||||
if len(parts) != 2 || parts[0] == "" || parts[1] == "" {
|
||||
log.Printf("bootstrap admin: invalid spec, expected user:pass")
|
||||
return
|
||||
}
|
||||
u, err := db.CreateUser(parts[0], parts[1], parts[0])
|
||||
if err != nil {
|
||||
log.Printf("bootstrap admin: %v", err)
|
||||
return
|
||||
}
|
||||
log.Printf("bootstrap admin: created user %q", u.Username)
|
||||
}
|
||||
|
||||
func startSessionCleanup(db *DB) {
|
||||
go func() {
|
||||
t := time.NewTicker(1 * time.Hour)
|
||||
defer t.Stop()
|
||||
for range t.C {
|
||||
if n, err := infra.SessionCleanup(db.conn); err != nil {
|
||||
log.Printf("session cleanup: %v", err)
|
||||
} else if n > 0 {
|
||||
log.Printf("session cleanup: purged %d expired", n)
|
||||
}
|
||||
}
|
||||
}()
|
||||
}
|
||||
|
||||
func frontendHandler() http.Handler {
|
||||
sub, err := fs.Sub(frontendDist, "frontend/dist")
|
||||
if err != nil {
|
||||
|
||||
Reference in New Issue
Block a user